在尝试更新我的 SSL 证书后,我目前的网站出现问题。
我已经完成了本教程中提到的所有步骤:https ://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a-commercial-certificate-authority
在最后一部分,当我必须输入sudo service apache2 restart行时,我收到了以下错误消息:
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
systemctl 状态 apache2.service
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: failed (Result: exit-code) since Mon 2020-05-18 00:18:34 UTC; 6s ago
Process: 4867 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
Process: 7254 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
Main PID: 1045 (code=exited, status=0/SUCCESS)
May 18 00:18:34 systemd[1]: Starting The Apache HTTP Server...
May 18 00:18:34 apachectl[7254]: Action 'start' failed.
May 18 00:18:34 apachectl[7254]: The Apache error log may have more information.
May 18 00:18:34 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 00:18:34 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 00:18:34 systemd[1]: Failed to start The Apache HTTP Server.
apache2ctl configtest
Syntax OK
apachectl configtest
Syntax OK
我尝试了configtest命令来查看是否有任何合成器错误,但一切似乎都很好。
journalctl -xe
May 18 15:33:52 sshd[31542]: Failed password for i
May 18 15:33:53 sudo[31549]: root : TTY=pts/0
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session
May 18 15:33:53 systemd[1]: Starting The Apache HT
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' f
May 18 15:33:53 apachectl[31555]: The Apache error
May 18 15:33:53 systemd[1]: apache2.service: Contr
May 18 15:33:53 systemd[1]: apache2.service: Faile
May 18 15:33:53 systemd[1]: Failed to start The Ap
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= M
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.18
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; C
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more informat
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exi
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service ap
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.1
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 T
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15380 PROTO=TCP
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15380 PROTO=TCP SPT=21789 DPT=3377 WINDOW=1024 R
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15380 PROTO=TCP SPT=21789 DPT=3377 WINDOW=1024 RES=0x00 SYN URGP=0
当我尝试通过 sFTP 访问文件夹/usr/sbin/apachectl时,我们可以看到以下错误消息:
Directory /usr/sbin/apache2ctl: no such file or directory
在文件/var/log/apache2/error.log中,我有 :
[Mon May 18 15:33:53.451709 2020] [ssl:error] [pid 31566] AH02579: Init: Private key not found
[Mon May 18 15:33:53.451789 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon May 18 15:33:53.451800 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error
[Mon May 18 15:33:53.451807 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon May 18 15:33:53.451815 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSAPrivateKey)
[Mon May 18 15:33:53.451823 2020] [ssl:error] [pid 31566] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib
[Mon May 18 15:33:53.451830 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon May 18 15:33:53.451837 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Mon May 18 15:33:53.451842 2020] [ssl:emerg] [pid 31566] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Mon May 18 15:33:53.451846 2020] [ssl:emerg] [pid 31566] AH02564: Failed to configure encrypted (?) private key mydomain.com:443:0, check /root/certificate/mydomain.com.key
AH00016: Configuration Failed
任何帮助将非常感激。如果您需要检查其他内容,请告诉我您需要什么以及我如何获取这些信息。谢谢!
在MichielB的帮助下,我找到了问题的原因和解决方案。
正如MichielB指出的那样,我必须检查error.log文件才能找到问题的原因。
所以我已经在我的电脑上下载了这个文件,并在文本编辑器中打开它来阅读内容。正如我们在日志文件中看到的(请参阅问题以供参考),两个重要的行是:
这表明找不到密钥(不存在)。
这表明钥匙应该在哪里(在我的情况下)。
因此,我检查了/root/certificate/文件夹以查找mydomain.com.key文件是否丢失,但它如预期的那样存在。
下一步是将mydomain.com.key文件下载到我的计算机并在文本编辑器中打开它以检查内容。
那时我很快就明白了问题所在:我没有正确的密钥,甚至没有正确的文件。
我不知道这是否是我在安装 SSL 证书的某个阶段的处理不当,但我的 .key 文件不是密钥。我知道是因为文件中没有以下标签:
因此,如果您遇到与我类似的问题,请确保您有一个000-default.conf 或 mydomain.com.conf 文件指向的 .key 文件,并确保它是已安装证书的正确密钥(而不是例如,以前证书中的密钥)。
非常感谢MichielB的帮助!你让我今天一整天都感觉很好!
journalctl -xe
在这种情况下也很有帮助。您必须使用up arrow
键盘才能看到问题。就我而言,这是apache configsSSLProxyEngine
中的类似配置问题。sites-enabled